@@ -139,23 +139,53 @@ exit:
139139/* BEGIN_CASE depends_on:TF_PSA_CRYPTO_PQCP_MLDSA_87_ENABLED */
140140void verify_pure_87 (data_t * public_key , data_t * message , data_t * signature )
141141{
142+ size_t candidate_size = signature -> len ;
143+ uint8_t * candidate = NULL ;
144+
142145 /* Sanity checks on the test data that we pass to the function under test */
143146 TEST_EQUAL (public_key -> len , MLDSA_PUBLICKEYBYTES (87 ));
144147 TEST_EQUAL (signature -> len , MLDSA_BYTES (87 ));
145148
146149 /* Verify the signature */
147- TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(signature->x, signature->len,
150+ TEST_CALLOC (candidate , candidate_size );
151+ memcpy (candidate , signature -> x , signature -> len );
152+ TEST_EQUAL (tf_psa_crypto_pqcp_mldsa87_verify (candidate , candidate_size ,
148153 message -> x , message -> len ,
149154 NULL , 0 ,
150155 public_key -> x ), 0 );
151156
152157 /* Verify that a one-bit-off signature is wrong */
153- signature->x[signature->len - 1] ^= 1;
154- TEST_EQUAL(tf_psa_crypto_pqcp_mldsa87_verify(signature->x, signature->len,
158+ candidate [candidate_size - 1 ] ^= 1 ;
159+ TEST_EQUAL (tf_psa_crypto_pqcp_mldsa87_verify (candidate , candidate_size ,
160+ message -> x , message -> len ,
161+ NULL , 0 ,
162+ public_key -> x ), MLD_ERR_FAIL );
163+ mbedtls_free (candidate );
164+ candidate = NULL ;
165+
166+ /* Verify that a shorter signature is rejected */
167+ candidate_size = signature -> len - 1 ;
168+ TEST_CALLOC (candidate , candidate_size );
169+ memcpy (candidate , signature -> x , signature -> len - 1 );
170+ TEST_EQUAL (tf_psa_crypto_pqcp_mldsa87_verify (candidate , candidate_size ,
155171 message -> x , message -> len ,
156172 NULL , 0 ,
157173 public_key -> x ), MLD_ERR_FAIL );
158- signature->x[signature->len - 1] ^= 1;
174+ mbedtls_free (candidate );
175+ candidate = NULL ;
176+
177+ /* Verify that a longer signature is rejected */
178+ candidate_size = signature -> len + 1 ;
179+ TEST_CALLOC (candidate , candidate_size );
180+ memcpy (candidate , signature -> x , signature -> len );
181+ TEST_EQUAL (tf_psa_crypto_pqcp_mldsa87_verify (candidate , candidate_size ,
182+ message -> x , message -> len ,
183+ NULL , 0 ,
184+ public_key -> x ), MLD_ERR_FAIL );
185+ mbedtls_free (candidate );
186+ candidate = NULL ;
159187
188+ exit :
189+ mbedtls_free (candidate );
160190}
161191/* END_CASE */
0 commit comments